With Windows Vista, Microsoft is not taking any risk or leaving anything to
chance. In December 2004, the Company acquired the assets of GIANT, which
included their highly respected AntiSpyware utility, which Microsoft
released into beta in January of 2005. The product was in beta for a long
time with a BETA 2 release earlier last year, which added improvements to
its scanning engine and a simplified interface. Windows Defender is
available for users of Windows XP and Server 2003 and is integrated with
Windows Vista.

The first time you launch Defender, the Home page is displayed; you will be
greeted by the option of acquiring the latest updates if new definitions are
made available since you acquired and installed Vista. At the bottom of the
Home Page there is quick Status Information summarizing when the Last Scan
occurred, including Scan Schedule, Real-time Protection and Signature
version, a very convenient overview for the user to get up and running
quickly with the utility. The interface is very straightforward; basing much
of its characteristics on the browser navigation, so using it should be
Childs play for many. At the top of the window are familiar tools to
interact with the application, these include, Scan, History, Tools and Help.

Scanning

Very straightforward feature, a user can immediately start scanning their
computer right away for the common vulnerabilities, Malware, Spyware and
Root kits, just to name a few. Windows Defender is not an Antivirus utility
though, it is for detecting Spyware, those sleek, new intelligent
vulnerabilities that take advantage of ActiveX controls and automatically
install themselves on your computer through pop up windows or rogue
downloads. Windows Defender improves the browsing experience in Internet
Explorer 7 by providing ongoing protection ensuring that suspected sites do
not install malicious programs onto the system. You can adjust additional
options by clicking the pop out list available beside Scan. If you click the
default Scan, it utilizes the Quick Scan option instead of scanning the
entire hard disk. This is probably more convenient for most users since Full
Scan is scans the entire disk, this includes, additional accounts and
personalized folders and settings, which of course take more time. Custom
Scan allows you to configure what Defender scans, such as individual
folders, application directories and settings.

History

A
nice addition, History gives users quick access to review or remove recently
found items that might be in the Quarantine. Allowed items give you a quick
listing of components or applications that have access to the system.
Allowed items are only monitored when they are not a part of your allow
list, this occurs in cases when a shared program is installed but is known
to carry spyware with the option of allowing it. This is a tricky situation,
since a lot of well-known applications install Internet Explorer add-ons, so
this is a decision for the user and not the application.

Tools

There are four options available under Tools: Quarantine, Software Explorer,
Allowed Items and Windows Defender. Earlier, I had mentioned Quarantine and
Allowed Items, both of which are also accessible as hyper-links from the
History page. I love the additions here, providing simplicity for accessing,
easier to review, remove and un-quarantined items. Tools also contain
additional settings for managing Defender, a very clean, straightforward
layout. General Settings has a plethora of options for configuring automatic
scanning, based on frequency, Time of day and type. You can check for
updates before scanning and automatically apply options on detected items
such as quarantining or add to your allow list.

Default & Real-Time Protection Options

For items detected, you have 3 available options, Low, Medium and High. In
case a root kit is detected for example, this would be designated with a
High Alert and be automatically removed by Defender. Of course, you have the
option of customizing these alerts to either ignore or remove. Protecting
critical areas of the Windows OS that are most susceptible to attack is one
of Windows Defenders great highlights, areas such as Services, Internet
Explorer, Windows Add-ons, and other types of negative System
reconfigurations that occur as a result of Spyware. You can also choose to
let Windows Defender notify when suspicious changes take place, whether it
is from software that has not been classified or detected from the Allow
List. A very convenient feature, this will provide an easy way for users to
ensure that their systems are protected or notified if their system is
potentially vulnerable to attack.

Advanced & Administrator Options

Here you can scan inside archives or use informal methods for detecting
spyware (basically leaving it up to Defender to decide what is and what is
not Spyware). You can also exclude certain drives or folders that you donít
want to scan. I would recommend you scan any drive or folder on your system
since Spyware seems to have a way of hiding it self anywhere possible.
Scanning supports both Administrator and Standard accounts, alerts users of
system changes or detection of malicious software. Users will be pleased to
find out that there is integration with Windows Update for the latest
definitions. Network Administrators will also be able to manage and
distribute updates using Windows Software Update Services (WSUS) in
networked environments. Windows Defender in Windows Vista also manages
applications that startup up with the system. Some drawbacks to General
Settings is the long scroll process to find the desired option. I wish all
the options were collapsible/expandable listings. Overall, the options are
many and detailed. There is also a Security Center listing for Windows
Defender, which provides a centralized location for management along with
other Security utilities such as Antivirus and Firewall.

Microsoft Spynet Community

Coming over from the GIANT acquisition is the Spynet Community, which allows
users to register and become a part of a group of fellow users who help
classify unknown spyware that is not yet classified as a risk by Windows
Defender. There are two tiers for becoming a member, Basic and Advanced, you
can also opt not to join the community. This aspect of Defender shows that
Security is an ongoing process and gives users the opportunity to become a
part of that fight against spyware.

Software Explorer

A
very cool component in Windows Defender, this allows you to manage how
applications run, whether access the Internet or Network connection or end a
process. To access software Explorer though you need to have Administrative
Rights, itís almost like an improved Task Manager with more customization in
it. Basic information about applications is also displayed in the right
Pane. There you can see how the application starts up from which path on the
system whether itís in the Registry or Windows Start-up folder. If it was
installed with Windows, there is a classification to see if it was analyzed
for security risk or digitally signed to ensure that the application is
completely safe to run on the system.

Users will be pleased by Windows Defenders easy to use interface, which
makes navigating and managing the application a great experience. The Spynet
Community is also a great way for users to get additional information and
share their experiences so that they can help to further improve the
products detection of spyware, which is superb so far. Integration with
Windows through Windows Update and Internet Explorer make it a necessary
part of the security experience that improves the overall experience and
strengthens confidence in the Windows platform.